The Department of Health and Human Services has extended the deadline for submitting comments on its proposed rules to promote the interoperability of health information technology and electronic protected health information.

Two new rules were released on February 11, 2019 by the Office of the National Coordinator for Health IT (ONC) and the Centers for Medicare and Medicaid Services (CMS). The purpose of the new rules is to support the secure access, exchange, and use of electronic health information. The rules cover technical and healthcare industry factors that are proving to be barriers to the interoperability of health information and are limiting the ability of patients to gain access to their health data.

The deadline has been extended to give the public and industry stakeholders more time to read the proposed rules and provide meaningful input that can be used to help achieve the objectives of the rules. The extension has come in response to feedback from many stakeholders who have asked for more time to review the rules, which have potential to cause a range of issues for healthcare organizations.

Two other factors influenced the decision to extend the deadline. There appeared to be some confusion over HIPAA and whether healthcare providers are accountable for how patients use their health data. To help clear up the confusion, the HHS’ Office for Civil Rights has released a new FAQ for providers which explains the HIPAA right of access in relation to health apps used by patients, application programming interfaces (APIs) used by healthcare providers’ electronic health record systems, accountability, and general information on access rights and health IT.

Also, the ONC has recently released the second draft of its Trusted Exchange Framework and Common Agreement (TEFCA), which could be factored into comments. While there is not a great deal of overlap between TEFCA and the ONC/CMS proposed rules, they all operate in the same space.

Healthcare industry stakeholders have until to June 3, 2019 to review the new rules and submit meaningful feedback.

About HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines. HIPAA Journal's goal is to assist HIPAA-covered entities achieve and maintain compliance with state and federal regulations governing the use, storage and disclosure of PHI and PII.